package com.garry.common.security.realm;

import com.garry.common.dto.UserDto;
import com.garry.common.security.util.PasswordUtil;
import com.garry.user.entity.User;
import com.garry.user.repository.UserRepository;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.ArrayList;
import java.util.List;

/**
 * Created by GarryGe on 2016/12/4.
 */
public class UserRealm extends AuthorizingRealm {
    @Autowired
    private UserRepository userRepository;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        //获取当前登录的用户名
        String account = (String) super.getAvailablePrincipal(principalCollection);

        List<String> roles = new ArrayList<String>();
        List<String> permissions = new ArrayList<String>();
        /*User user = userService.getByAccount(account);
        if(user != null){
            if (user.getRoles() != null && user.getRoles().size() > 0) {
                for (Role role : user.getRoles()) {
                    roles.add(role.getName());
                    if (role.getPmss() != null && role.getPmss().size() > 0) {
                        for (Permission pmss : role.getPmss()) {
                            if(!StringUtils.isEmpty(pmss.getPermission())){
                                permissions.add(pmss.getPermission());
                            }
                        }
                    }
                }
            }
        }else{
            throw new AuthorizationException();
        }*/
        //给当前用户设置角色
        info.addRoles(roles);
        //给当前用户设置权限
        info.addStringPermissions(permissions);
        return info;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        token.setRememberMe(true);
        User user = userRepository.findByUsername(username);
        String password = new String((char[]) token.getCredentials());
        if (user != null && StringUtils.equals(PasswordUtil.encrypt(password, user.getSalt(), PasswordUtil.hashIterations), user.getPassword())) {
            UserDto principal = null;
            if (StringUtils.isNotEmpty(user.getNickname())) {
                principal = new UserDto(user.getNickname(), user.getHeadImage());
            } else {
                principal = new UserDto(user.getUsername(), user.getHeadImage());
            }
            return new SimpleAuthenticationInfo(principal, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), getName());
        }
        throw new AuthenticationException();
    }
}
